CVE-2022-49722

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A memory corruption issue in the VF driver of the Linux kernel has been resolved. The issue occurred when the VF driver assumed that the VF was disabled while it still had queues configured, leading to the VF unmapping DMA resources and causing memory corruption. This corruption could result in a crash. The issue is related to the iavf driver and the iavf adminq task function.

Recommendations As a temporary workaround, consider disabling the iavf driver until a patch is available. Restrict access to the iavf adminq task function to minimize the risk of exploitation. Update to a newer version of the Linux kernel that includes the fix for this issue.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

AZL-68805

BDU:2026-03743

CVE-2022-49722

RHSA-2022:6460

RHSA-2022:6610

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Debian

Linux Kernel

Suse

CVE-2022-49722

Weakness Enumeration

Related Identifiers

Affected Products

References · 1334